Senator Guerra Souty original series calendar,replica hublot blue steel peach pointer collocation of rolex replica Rome digital scale, track type minute replica watches scale shows that the classical model is swiss replica watches incomparable, wearing elegant dress highlights.


YOU ARE HERE: HOME Articles What is cookie less session How it works

What is cookie less session? How it works?

View(s): 44389

When a user visits a Web site for the first time, the site creates a unique ID, known as a Session ID. The Session ID is unique for that current Session, making it possible for the server to keep track of the user's current Session information.

Generally this Session ID will be stored in cookie, for every request, browser will send this cookie back to server and will track the user session and restore correct user session back for that request.

What happens if cookies are not supported? ASP.NET server fails to track the session information. Then cookieless sessions are the best option. If you set the cookieless attribute of the sessionState element to "true" in your web.config, you will notice that sessions still work perfectly.

<sessionState cookieless="true" />

So, how it is tracking session information without cookies? Where is ASP.NET storing the session ID when cookies are not being used? In this case, the session ID is inserted in a particular position within the URL. Imagine you request a page like http://yourserver/folder/default.aspx, the slash immediately preceding the resource name is expanded to include parentheses with the session ID stuffed inside, as below.

http://yourserver/folder/(session ID here)/default.aspx

The session ID is embedded in the URL and there's no need to persist it anywhere.

Below are possible options to set cookieless session state.

  1. UseCookies - Cookies are always used, even if the browser or device doesn’t support cookies or they are disabled. This is the default. If the device does not support cookies, session information will be lost over subsequent requests, because each request will get a new ID.
  2. UseUri - Cookies are never used, regardless of the capabilities of the browser or device. Instead, the session ID is stored in the URL.
  3. UseDeviceProfile - ASP.NET chooses whether to use cookieless sessions by examining the BrowserCapabilities object. The drawback is that this object indicates what the device should support—it doesn’t take into account that the user may have disabled cookies in a browser that supports them.
  4. AutoDetect - ASP.NET attempts to determine whether the browser supports cookies by attempting to set and retrieve a cookie (a technique commonly used on the Web). This technique can correctly determine whether a browser supports cookies but has disabled, in which case cookieless mode is used instead.

  Last updated on Saturday, 14 September 2013
  Author: Mr. Ponna
3/5 stars (31 vote(s))

Register Login Ask Us Write to Us Help